General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Slow Traffic

Hi,PA in vwire mode , zone client and zone serversIn zone servers there is a print server(windows) and the zone client users pc .Users are trying heavy duty printing (50-100) pages .User complaining about slow operationsHow can I verify pa is bottleneck or making some issuesdata plane is seems to be okThanks

simsim by L4 Transporter
  • 6922 Views
  • 13 replies
  • 0 Likes

PCNSE 8 exam

Hello.I dont know whethet it is right place for this post but i didnt get where else i can ask this questionI want to get PCNSE 8 certificate.I am looking for materials for studing.I only have Exam study guide and admin guide and videos from youtube and etc.I have 6 months of experience with Palo Alto.I got the ACE certificate and other online c...

Radmin_85 by L4 Transporter
  • 7748 Views
  • 4 replies
  • 0 Likes

Attributes monitored in the VMware Environments (match criteria)

I can't find information about syntax of attributes in the VMware (vCenter or ESXi). I can see something here but not much . Few examples of match criteria here and that's it. I've added dynamic group g-vcenter with with i.e. filter: 'guestos.Red Hat Enterprise Linux 6' and it doesnt show anything . How do I debug these VM-information sources ? ...

niuk by L3 Networker
  • 2584 Views
  • 2 replies
  • 0 Likes

Resolved! Can Processor nodes put IPv4 addresses in order and in new ranges?

I find myself wanting processor or output nodes to aggregate IPv4 addresses into new ranges and in order. Since some Palo boxes have a limitation of 50K addresses in a Dynamic List Object, it would help a lot to make my outputs fit in there. Especially since I find myself in front of an output that looks like this in some parts: 108.62.56.100-...

PA-850 Default MTU

I've had nothing but issues with our 850 HA pair since we've put them in production replacing a pair of 3020s. My previous thread here: https://live.paloaltonetworks.com/t5/General-Topics/PA-850-amp-Radius-PEAP/m-p/189233#M57311 detailed the initial main issue. The 8.0.6 firmware fixed a small portion of our radius issue, but the main fix wa...

VPN passthrough

Hi, we're experiencing issue with site-to-site connectivity since we installed PAN firewall in the network few days ago. There are many IPSec (ikev1) tunnels configured between endpoints on the internet and Cisco VPN concentrator (ISR 4k router) behind the PAN firewall. Only 2 specific sites can't establish IPsec connection anymore since PAN has...

jerryv by L1 Bithead
  • 7559 Views
  • 9 replies
  • 0 Likes

Is anybody else reporting AD issues after upgrading to PAN OS 7.1.14

Hi PA Members, So far, seems to be there is only one person having AD issues after upgrading to PAN OS 7.1.14 (https://live.paloaltonetworks.com/t5/General-Topics/PAN-OS-7-1-14-AD-issues-after-update/m-p/191745), the same member also reports PA being aware of this issue and correct it on the next release PAN OS 7.1.15. We would like to avoid ha...

PA firewall can't properly reassemble fragmented packets if the traffic is asymmetric

Hi PA Expert, We have a network environment that have an asymmetric routing and fragmented traffics. Model: PA5060PANOS: 8.0.6-h3Method: vwire modeNo security profiles applied, no zone protection, no QOS, just single security policy that allow all. Already applied this setting to allow asymmetric: set deviceconfig setting session tcp-reject-non-...

CLI show session all filter - negation

Hello I need to show all session with destination IP 2.2.2.2 from all my worstation but not from my 1.1.1.1 How to do that?Negation using "!" doesnt work (works perfectly in GUI) show session all filter source !1.1.1.1 destination 2.2.2.2 RegardsSLawek

_slv_ by L4 Transporter
  • 4567 Views
  • 4 replies
  • 0 Likes

Resolved! I can't get IPs from output of minemeld in autofocus.

Hello, I can't get IPs from output of minemeld in autofocus. Please refer to the follwoing message and then give me any assistance. I can see IPs when I enter the follwoing url on a browser. https://0b2b72a3.paloaltonetworks-app.com/feeds/feedMCWithValue-Malware-IP vsys1/ActiveCampaignsIPv4: Next update at : Mon Jan 29 12:03:25...

Resolved! Disable possibility of Commit

Hi, I want to know if there is some way to know ifIn which scenario, we can guarantee that a PaloAlto device united to Panorama (For "x" reason) can give a COMMIT that involves a complaint from the Business Unit. Or there is a button ("Disable" in Panorama) that will help us with something similar and only enable when something specific is requi...

RCastro by L1 Bithead
  • 4842 Views
  • 4 replies
  • 0 Likes

Resolved! Best Practices for PAN-OS Upgrade without downtime

Hello all, i have Active /passive firewalls how can i upgrade PAN-OS without downtime ?? 1-when i upgrade active , it will reboot then passive will be active .. 2- When i upgrade the new active is it will be back to old active again ?? what about OS mismatching is it have any impact on HA 3- If both devices will be for VPN ? Tunnel will be down ...

Failed upgrade

I tried to do an upgrade from 7.1.13 to 7.1.14 and it appeared to install fine, but the ports, all the ports, failed to come up again. So I rolled it back to 7.1.13 and it went back to working fine

jdprovine by L4 Transporter
  • 3905 Views
  • 6 replies
  • 0 Likes
  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels